package com.ruijie.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity
public class WebSecurityAppConfig extends WebSecurityConfigurerAdapter {
	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/css/**");
		web.ignoring().antMatchers("/js/**");
		web.ignoring().antMatchers("/html/**");
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
        http
        .authorizeRequests()
            .antMatchers("/", "/index").permitAll()
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/login")
            .permitAll()
            .and()
        .logout()
        	.deleteCookies("remove")
        	.invalidateHttpSession(true)
        	.logoutUrl("/logout")
        	.logoutSuccessUrl("/");
        
//       http
//		.authorizeRequests()                                                                
//			.antMatchers("/resources/**", "/signup", "/about").permitAll()                  
//			.antMatchers("/admin/**").hasRole("ADMIN")                                      
//			.antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")            
//			.anyRequest().authenticated()                                                   
//			.and()
//		.formLogin();
		
//		http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
//		http.csrf().disable();
	}
//
//	@Autowired
//	public void configureGlobal(AuthenticationManagerBuilder auth)
//			throws Exception {
//		auth.inMemoryAuthentication().withUser("user").password("123")
//				.roles("USER");
//	}
	
	@Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .inMemoryAuthentication()
                .passwordEncoder(passwordEncoder())
                .withUser("admin")
                        //123456
                .password("$2a$05$uYs.4IMu07yj68Oy9KRWoOEHOos2WIFUNk5bg5eGRRhWF/n2Skmwq")
                .roles("ADMIN");
        
//        org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
    }

//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http
//                .authorizeRequests()
//                .antMatchers("/", "/index","/resources/**", "/html/*").permitAll()
//                .anyRequest().authenticated()
//                .and()
//                .httpBasic();
//    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(5);
    }
    public static void main(String[] args) {
    	BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder(5);
    	System.out.println(bCryptPasswordEncoder.encode("123456"));
	}

}